Storemate logo Start for free
Legal

Privacy
Policy

Storemate — storemate.lk  ·  Effective date: June 2026  ·  Version 1.0

"Your data is sacred to us."
Our Commitment to You

Your data belongs to you. We are trusted with it — not entitled to it.

This Privacy Policy explains what data Storemate collects, how we use it, how we protect it, and the rights you have over it. We have written it in plain language — not legal jargon. If you have any questions after reading this, contact us at hello@storemate.lk.

01

Who We Are

Storemate is an order and inventory management platform for Sri Lankan online sellers, operated by Parallax Technologies (Pvt) Ltd, a company registered in Sri Lanka.

Company
Parallax Technologies (Pvt) Ltd
Platform
Storemate — storemate.lk
Address
Kottawa, Pannipitiya, Sri Lanka
Email
hello@storemate.lk
Website
https://storemate.lk
02

What Data We Collect

We collect only the data necessary to provide the Storemate service. We do not collect data we do not need.

Account Data

Name, email address, phone number, and business name provided when you register.

Order Data

Order details, customer names, delivery addresses, product information, and payment method records that you enter into the platform to manage your business.

Customer Data

The names, phone numbers, and delivery addresses of your buyers — entered by you or collected through the Self-Order Form feature. This data belongs to you and your customers.

Usage Data

How you interact with the platform — pages visited, features used, session times. Used to improve the product. Never sold.

Device Data

Browser type, operating system, IP address, and device type — collected automatically for security and performance purposes.

Payment Data

If you are on a paid plan, payment is processed by a third-party payment provider. Storemate does not store card numbers or full payment details.

03

How We Use Your Data

We use your data only for the purposes listed below. We do not use your data for advertising, profiling, or any purpose unrelated to operating Storemate.

1
To provide the Storemate service
Processing orders, managing inventory, syncing with courier networks, generating waybills, and all core platform functions.
2
To set up and support your account
Onboarding, implementation sessions, technical support, and responding to your questions and requests.
3
To send service communications
Order confirmations, delivery updates, platform notifications, and important changes to the service. Not marketing unless you opt in.
4
To improve the product
Analysing how features are used to make Storemate better. This analysis is aggregated and never tied to individual sellers.
5
To ensure security
Detecting fraud, preventing unauthorised access, and protecting the platform and your data from threats.
6
To comply with legal obligations
Where Sri Lankan law or a valid legal process requires us to retain or disclose data, we will do so — and inform you where possible.
Important — What We Never Do

We never sell your data to third parties. We never use your order data, customer data, or business data for advertising purposes — ours or anyone else's. We never share your business data with competitors. We never use your data to build profiles for external advertising networks.

04

Data Sharing and Third Parties

We share your data only when necessary to provide the service — with your knowledge, or where legally required. We do not sell data. Ever.

Courier networks
Royal Express, TransEx, FDE, DomEx, Koombiyo. Order and delivery data is shared to process shipments. This is core to the service you signed up for.
Cloud infrastructure
Storemate runs on secure cloud servers. Your data is stored on servers with appropriate security controls and data processing agreements in place.
Payment processors
If you pay for a Storemate subscription, payment data is handled by a third-party payment processor. We do not store full card details.
Legal authorities
Where required by Sri Lankan law or a valid legal process, we may be required to disclose data. We will inform you where we are legally permitted to do so.
05

Data Security and ISO 27001

Our Security Commitment

We are working toward ISO 27001 certification — the world's most recognised information security standard.

Not because we have to. Because your business data deserves it. Security is not a checkbox at Storemate. It is a brand value. Every seller who trusts us with their order data, customer details, and business trends is placing real trust in us.

Our current security measures include:

  • HTTPS encryption on all data transmission between your browser and our servers.
  • Encrypted data storage — your data is not stored in plain text.
  • Access controls — our team members can only access data necessary for their role.
  • Regular security reviews and vulnerability assessments.
  • Secure backup systems to prevent data loss.
  • Incident response procedures — we have a process for identifying, containing, and communicating any data security incidents.
Data Correction Commitment

If there is ever a data error in your account — we correct it manually if needed. No "the system cannot do that." No deflection. We own it and we fix it.

Despite our best efforts, no system is 100% immune to security risks. If a security incident occurs that affects your data, we will notify you as quickly as possible and take all steps to contain and resolve it.

06

Data Retention

We keep your data only as long as necessary to provide the service or as required by law.

Active account data
Kept for as long as your account is active and you are using Storemate.
Order & transaction data
Retained for a minimum of 3 years to support your business records and comply with Sri Lankan commercial regulations.
Account data after closure
When you close your account, we delete or anonymise your personal data within 90 days, unless legal retention is required.
Backup data
Backups are retained for up to 90 days before being permanently deleted.
Legal hold
Where required by law or legal process, data may be retained beyond the above periods until the matter is resolved.
07

Your Rights

You have rights over your data. We take these seriously. To exercise any of the rights below, contact us at hello@storemate.lk and we will respond within 14 days.

1
Right to access
You can request a copy of all personal data we hold about you and your business account.
2
Right to correction
If any data we hold is inaccurate or incomplete, you have the right to have it corrected. You can update most data directly in the platform or contact us for assistance.
3
Right to deletion
You can request deletion of your personal data. We will delete it within 30 days unless legal retention requirements apply. Note: deleted order data cannot be recovered.
4
Right to data portability
You can request your data in a structured, machine-readable format so you can transfer it to another service. Contact us at hello@storemate.lk.
5
Right to restrict processing
In certain circumstances, you can request that we limit how we process your data while a concern is being resolved.
6
Right to object
You have the right to object to certain types of data processing, including any processing for marketing purposes.
7
Right to withdraw consent
Where we process data based on your consent, you can withdraw that consent at any time. This does not affect processing carried out before withdrawal.
08

Cookies

Storemate uses cookies — small text files stored on your device — to make the platform work correctly and improve your experience.

Essential cookies
Required for the platform to function. Session management, security tokens, login state. Cannot be disabled without breaking the platform.
Functional cookies
Remember your preferences, saved filters, and settings so you do not have to reset them every session. This includes Smart Filter Memory.
Analytics cookies
Anonymised data about how the platform is used — which features are popular, where sellers get stuck. Used to improve the product. No personal data.

We do not use advertising or tracking cookies. We do not share cookie data with advertising networks.

09

Children's Privacy

Storemate is a business platform intended for use by adults operating online businesses. We do not knowingly collect personal data from anyone under the age of 18.

If you believe a person under 18 has provided us with personal data, please contact us immediately at hello@storemate.lk and we will delete it promptly.

10

Changes to This Policy

We may update this Privacy Policy from time to time. When we do:

  • We will update the effective date at the top of this document.
  • We will notify you by email if the changes are material — changes that meaningfully affect how we collect, use, or share your data.
  • For minor changes (clarifications, formatting), we will update the policy without individual notification.
  • Continued use of Storemate after notification of changes constitutes acceptance of the updated policy.
  • Previous versions of this policy are available on request at hello@storemate.lk.
11

Contact Us

If you have any questions about this Privacy Policy, want to exercise your data rights, or have a concern about how your data is handled — contact us. We will respond within 14 days.

Privacy & Data Contact — Parallax Technologies (Pvt) Ltd
Email
hello@storemate.lk
For all privacy and data requests
Subject line
Privacy Request — [your name]
Use this for faster routing
Website
storemate.lk/privacy
This policy and related documents
Address
Kottawa, Pannipitiya, Sri Lanka
Parallax Technologies (Pvt) Ltd

We are committed to responding to all privacy requests promptly and honestly. No question is too small. Your data rights are real rights — not a formality.

Privacy at a Glance

A plain-language summary of this Privacy Policy for quick reference.

What data we collect
Account details, order data, customer addresses, usage analytics, device info.
Why we collect it
To operate Storemate, support your account, improve the product, and ensure security.
Do we sell your data?
No. Never. To anyone. Under any circumstances.
Who sees your data?
Our team (on a need-to-know basis), courier partners, and cloud infrastructure. Nobody else.
How long we keep it
As long as your account is active + 3 years for order records. 90 days after account closure.
Is it secure?
Yes. HTTPS, encrypted storage, access controls, ISO 27001 in progress.
Can you delete it?
Yes. Contact hello@storemate.lk and we will delete within 30 days.
Can you export it?
Yes. Contact hello@storemate.lk and we will provide a portable copy.
Cookies?
Essential (required), functional (preferences), and anonymised analytics. No ad tracking.
Changes to this policy?
We email you for material changes. Effective date always shown at top.
Our Data Commitment — Parallax Technologies (Pvt) Ltd

"Your data belongs to you. We are trusted with it — not entitled to it."

We will always be transparent about what we collect, why we collect it, and what we do with it. We will never sell it, never misuse it, and always protect it to the highest standard.

Namal Attanayake · CEO & Founder · Parallax Technologies (Pvt) Ltd · Effective: June 2026 · Version 1.0